package com.ynny.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;


@EnableWebSecurity  // 启用Spring Security核心过滤器,安全认证
@Configuration // 配置类
public class SecurityConfig extends WebSecurityConfigurerAdapter {  // 继承该父类, 重写configure方法, 配置安全认证规则

    @Bean //重写方法后注入容器, 为Spring Security返回用户信息
    @Override
    protected UserDetailsService userDetailsService() {  //UserDetailsService:Spring Security 用于加载用户信息的核心接口
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();

        manager.createUser(
                User
                        .withUsername("lisi")
                        .password(PasswordEncoder().encode("123"))
                        .authorities("USER")
                        .build());
        return  manager;
    }
    @Bean
    public BCryptPasswordEncoder PasswordEncoder(){ //BCryptPasswordEncoder:Spring Security 密码编码器, 用于对密码进行编码

        return new BCryptPasswordEncoder();
    }

    public static void main(String[] args) {
        System.out.println(new BCryptPasswordEncoder().encode("123"));
    }
    @Override
    @Bean //将 AuthenticationManager 暴露出去用于（比如自定义登录控制器、JWT 过滤器等）手动调用认证逻辑, 默认是隐藏的, 无法直接访问
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }


}





















// 重写该方法
//    @Override
//  @Bean 将 AuthenticationManager 暴露出去用于（比如自定义登录控制器、JWT 过滤器等）手动调用认证逻辑, 默认是隐藏的, 无法直接访问
//    public AuthenticationManager authenticationManagerBean() throws Exception {
//        return super.authenticationManagerBean();
//    }
// 认证管理


//新版本不再继承WebSecurityConfigurerAdapter
/*
@Bean //面向函数式风格配置,无需手动暴露
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    http
            .authorizeRequests(auth -> auth //省略配置
                    .anyRequest().authenticated()
            )
            .formLogin();
    return http.build();
}

@Bean
public UserDetailsService userDetailsService() {
    var user = User.withUsername("lisi")
            .password("{noop}123")
            .roles("USER")
            .build();
    return new InMemoryUserDetailsManager(user);
}
----------------------------------------------------------------------------------
@Configuration
public class SecurityConfig {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests(auth -> auth
                .anyRequest().authenticated()
            )
            .formLogin(form -> form
                .loginPage("/login")   // 可选：自定义登录页
                .permitAll()
            );
        return http.build();
    }

    @Bean
    public UserDetailsService userDetailsService() {
        var user = User.withUsername("lisi")
                       .password("{noop}123") // {noop} 表示不加密
                       .roles("USER")
                       .build();
        return new InMemoryUserDetailsManager(user);
    }

    // 如果你需要暴露 AuthenticationManager（比如做 JWT）
    @Bean
    public AuthenticationManager authManager(HttpSecurity http) throws Exception {
        return http.getSharedObject(AuthenticationManagerBuilder.class).build();
    }
}

*/